2/12 




CONFIGURE A CREDENTIAL 
ISSUING AUTHORITY 



PRE-AUTHENTICATE A 
PROSPECTIVE MEMBER 
DEVICE OVER A PREFERRED 
CHANNEL 



1 


r 


AUTOMATICAL 
THE PROSPEC 
DEVICE WITH/ 


LY PROVISION 
ITIVE MEMBER 
\ CREDENTIAL 



FIG. 2 



3/12 



-301 



303 



CREATE A TRUSTED KEY PAIR 



305 



STORE THE TRUSTED KEY PAIR 



307 



CREATE/OBTAIN A 
CREDENTIAL 



309 



STORE CREDENTIAL 



311 



OTHER INITIALIZATION 




FIG. 3 



4/12 



403 



405 



407 



409 



411 



413 



414 




INITIALIZE THE LOCATION- 
LIMITED PORTS 



ESTABLISH COMMUNICATION 
OVER A PREFERRED CHANNEL 
USING A LOCATION-LIMITED PORT 



EXCHANGE COMMITMENT 
INFORMATION OVER 
PREFERRED CHANNEL 



PROVIDE COMMUNICATION 
ENABLEMENT INFORMATION 



KEY EXCHANGE 



VERIFY KEY WITH 
COMMITMENT 



VERIFY POSSESSION 
OF PRIVATE KEY 




-400 



FIG. 4 



5/12 



503 



505 



507 



509 



511 



513 



514 




INITIALIZE THE LOCATION- 
LIMITED PORTS 



ESTABLISH COMMUNICATION 
OVER A PREFERRED CHANNEL 
USING A LOCATION-LIMITED PORT 



EXCHANGE COMMITMENT 
INFORMATION OVER 
PREFERRED CHANNEL 



RECEIVE COMMUNICATION 
ENABLEMENT-SPECIFIC 
INFORMATION 



KEY EXCHANGE 



VERIFY KEY WITH 
COMMITMENT 



VERIFY POSSESSION 
OF PRIVATE KEY 




FIG. 5 



603 



605 



607 



609 



6/12 




ACQUIRE PROVISIONING 
INFORMATION REQUEST 



GENERATE PROVISIONING 
INFORMATION 



SEND CREDENTIAL 



SEND PROVISIONING 
INFORMATION 




FIG. 6 



703 



705 



707 



709 



7/12 




PRE-AUTHENTICATION 



REQUEST PROVISIONING 
INFORMATION 



RECEIVE CREDENTIAL 



RECEIVE PROVISIONING 
INFORMATION 




FIG. 7 



8/12 




FIG. 8 



9/12 



~1 




STATION N 



FIG. 9 



L_ 



10/12 



1003 




1001 



CONFIGURE A PROVISIONING 
DEVICE 



1005 



ESTABLISH COMMUNICATION 

WITH A NETWORK DEVICE 
OVER A PREFERRED CHANNEL 



1007 



SEND NETWORK 
CONFIGURATION INFORMATION 
TO THE NETWORK DEVICE OVER 
THE PREFERRED CHANNEL 



FIG. 10 



11/12 



-mi 



1113- 



WAP 




1115 



FIREWALL 



1117 



PATIENT DATA 
STORAGE 



1107 



1105- 



WAP 



-1109 



SENSOR 1 



SENSOR N 



1109 



1100 



■1101 




SENSOR 1 



SENSOR N 



FIG. II 



L 



12/12 




FIG. 12 



